How to bypass username entry with ADFS (true single sign-on)

Active Directory Federation Services (ADFS) allows your school/organisation to use your own Active Directory to authenticate users. While Azure AD Connect (formerly DirSync) seems to give this functionality, it actually keeps a copy of the usernames and passwords in Azure AD, and it is that copy, rather than your own AD server, that authenticates the user onto the site.

The main benefit of having ADFS set up is the option for users to have single sign-on to Office 365. When a user enters their username in the Office 365 login page, the domain is automatically detected as federated and the user is redirected to the ADFS login page hosted on the local network. If the user is logged in to the local network, they are automatically signed in using Windows authentication. If the user is not on the local network, the ADFS login page can be branded with the organisation’s logo, image, text and colours to provide a custom login experience.

Although the user doesn’t have to enter the password, it doesn’t feel like a true single sign-on experience, as the user must still enter the username to get redirected. There is a nice solution to this: you can use some custom links to automatically redirect the user, so no credentials are required when logged into the network.

Tony Phillips

I’ve been working with Microsoft SharePoint since 2003 and specialise in branding, implementation and design of SharePoint installations. I’m a Microsoft Certified Professional and graduated from The University of Derby with BSc (Hons) in Digital Entertainment. I currently run a SharePoint and Office 365 consultancy business called Cloud Design Box Ltd. I work with clients across the UK and all over the world. Please feel free to contact me via the contact page if you require consultancy or via Twitter for general questions.